::::::::::::::::::::::::::::::::::::::::::::::::::::
::::::::::::::::::::::::::::::::::::::::::::::::::::
Programmers are always looking for a new or better ways to secure their programs from pirating. I have developed a method in a commercial program that has worked for me for over two years. That's not to say that my method will prevent pirating any better than any other password scheme, but because my program is rather unique, it will at least make it more embarrassing.
I needed a way that I could have a user's name in the program anyway so that it could be printed on the 16 different printouts that the program can produce and that could amount to a thousand or more pages each time the program is used for a new event. My program, for the interested, prepares all the paperwork for pigeon and poultry shows and the hosting club always wants their club name to appear on the printouts. Since I needed to be able to access the user's name, rather than use a file for the name, I decided to create a security code based on the user's name and use both.
Let's suppose that the user's name is "My Program". If I want to calculate the sum of the ascii codes for all the characters in the name I would do this:
text$ = "My Program"
for x=1 to len(text$)
sc=sc+asc(mid$(text$,x,1))
next
print sc
We find that (the security code) sc=958. We can further disguise the security code by multiplying it by some number and adding a third number.
sc=sc*3+11 print sc
We now find sc = 2885. Not terrible sophisticated but, you can see the possibilities of creating a security code are some what limitless.
Now all we need to do is find a way to use the users name and the security code in our program and make it so that you don't have to create a unique program for each user every time you update the program. I upload updates to the internet and the user can periodically check from within the program to see if updates are available. But I don't want the update to interfere with the portion of the program that contains the user name and security code. So what I actually have is two programs, the first of which contains only the user name and security code and actually starts the second or main program.
My first program, named 'programname' will look like this:
nomainwin run "main.exe 2885 My Program" end
Of course 2885 is the security code and My Program is the user's name.
I will then create a tkn and a runtime exe named programname.tkn and programname.exe using the above basic program. Then using the main.bas program I will create a tkn named main.tkn and a runtime exe named main.exe.
Now before anyone says, why isn't the second line just "run main.tkn 2885 My Program", let me explain. Running the tkn will work, but what you will be doing is retrieving the security code and user name using the special CommandLine$ variable in the main program and when you do that and exit the main program you will find that programname.exe is still running. You won't see it and I'm not sure how you can tell that in operating systems below Windows 2000, but if you look at the Task Manager for 2000 and Xp you will see programname.exe still running but it doesn't show up in the task bar. If you run a second exe, that problem doesn't occur. This was tested with version 4.02 and earlier. So having said that, let's look at what the main program might look like.
So having said that, let's look at what the main program might look like.
'Main program
This line is especially useful if you do have updates on the internet because you can create a txt document with the new version number in it and compare the variable currentversion$ to the string inside the txt document to see if the current version is up to date. But that's another article.
currentversion$="1.0"
The next line is necessary only so you can run main.bas from within the LB editor. Unremark the line and the program will run. Remark it again before creating a tkn.
'CommandLine$="main.exe 2885 My Program" 'to run from LB, unremark this line'
The next line stops the user from attempting to run main.exe directly. It just ends the program before anything shows on the screen.
if CommandLine$="" then end
This line removes 'main.exe' from the CommandLine$ if it exists.
if word$(CommandLine$,1)="main.exe" then
x=instr(CommandLine$," ")'find first space and remove the program name
y=len(CommandLine$)
CommandLine$=right$(CommandLine$,y-x)
CommandLine$=trim$(CommandLine$)'trim any spaces
end if
Separate the security code (sc$) from the user's name (Owner$)
x=instr(CommandLine$," ") 'find the space after the code
y=len(CommandLine$)
sc$=left$(CommandLine$,x-1)
Owner$=right$(CommandLine$,y-x)
Next we reverse the calculations that were used to create the security code in the first place.
sc=val(sc$)
sc=sc-11
sc=sc/3
You have to be careful when using the square root to make sure sc is correct. You may have to add the line sc=int((sc)+.5) to round the number correctly.
The variable sc should now be the original sum of the ascii characters of the user's name and next we get the sum of the ascii characters from the user's name that was in the CommandLine$.
for x=1 to len(Owner$)
a=a+asc(mid$(Owner$,x,1))
next
If someone attempts to start the main.exe with a incorrect command line or attempts to tamper with the programname.tkn, the program will not run. The re-calculation of the code transmitted in the CommandLine$ should be equal to that which we just calculated above.
if a<>sc then
notice "FATAL ERROR!"+chr$(13)+"It appears the program has been tampered with and is now disabled!!"
end
end if
At this point, you will have the user's name which can be displayed on the main or other windows and can appear on any printout.
>From this point on, main.bas will contain your program.
You can create a security code based on the sum of the ascii values of the characters in the user's name. That code can be mathematically as simple or complex as you want to make it. You pass the security code and user's name from the first program to the second and in the second you retrieve the CommandLine$, separate the security code and user's name and compare the recalculated security code against the sum of the ascii values of the characters in the user's name
You will need two tkn's and two exe's or else you will leave an exe running when you exit the main program. This is a disadvantage of this method in that you will have to distribute two exe's and tkn's, but in this age of 20 and 30 megabyte programs, I'm not sure this is a real problem. Advantages are, you don't need a special file, which can usually be opened in Wordpad anyway and edited unless you encrypt it, and that means it is easy to provide updates for the second or main program without having to worry about an embedded user name. Since the tkn is all but unintelligible anyway, it's not very likely that a non programmer will be able to decipher, much less edit one and I'm not certain that an LB programmer could do so either.
Since a new customer has to order the program from me anyway, it is easy for me to use this method. I do keep a record of the users' names and security codes. Your mileage may vary.
::::::::::::::::::::::::::::::::::::::::::::::::::::
::::::::::::::::::::::::::::::::::::::::::::::::::::